Tenable's Nessus Network Monitor is a passive sniffer that looks to discover hosts within the environment, detect known vulnerabilities, discover malware, find potential configuration issues, etc. through packet inspection and analysis of that data. For more information about Nessus Network Monitor, please consult the following links:

• Nessus Network Monitor product page
• Nessus Network Monitor latest docs

Please note that as this is a network sniffer, you will either need to attach a second interface with mirrored traffic or run the container in privileged mode to listen to the physical interface.

The github repository for the build files is located here.

Each image is tagged with the major, minor, and patch releases. The most current image is always tagged as "latest". For the current listing of tags, please refer to the tags tab for a current listing.

docker volume create nessus_monitor_var
docker create -v nessus_monitor_var:/opt/nnm/var/nnm \
		--name=nessus_monitor \
		-e SCANNER_NAME=${SCANNER_NAME} \
		-e LINKING_KEY=${LINKING_KEY} \
		-e MONITOR_INTERFACE=eth1 \
		stevemcgrath/nessus_monitor:latest
docker network connect span nessus_monitor
docker start nessus_monitor

NOTE: You must specify either a linking key or a license code.

• LINKING_KEY (required) - Linking key to use for linking the scanner to Tenable.io
• LICENSE (required) - Activation code (if not a Tenable.io linked scanner)
• SCANNER_NAME (required) - Sets the sensor name for the linking process (Tenable.io only)
• MANAGER_HOST (optional) - Nessus Manager address
• MANAGER_PORT (optional) - Nessus Manager service port
• PROXY_HOST (optional) - Proxy address
• PROXY_PORT (optional) - Proxy service port
• PROXY_USER (optional) - Proxy account username
• PROXY_PASS (optional) - Proxy account password
• PROXY_AGENT (optional) - Proxy agent string
• MONITOR_NETWORKS (optional) - What networks should the Nessus monitor look for?
• EXCLUDE_NETWORKS (optional) - What networks should the Nessus monitor exclude?
• MONITOR_INTERFACE (optional) - What interface within the container should Nessus Monitor listen on?
• ADMIN_PASS (optional) - Specify a password for the admin user